Closed
Bug 463893
Opened 16 years ago
Closed 1 year ago
always load remote images should not be based on sender's email address - use smtp server from which the message originates or on the server serving the images
Categories
(Thunderbird :: Message Reader UI, enhancement)
Thunderbird
Message Reader UI
Tracking
(Not tracked)
RESOLVED
WORKSFORME
People
(Reporter: reto, Unassigned)
Details
(Keywords: privacy)
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.17) Gecko/20080926 Firefox/2.0.0.17
Build Identifier:

Thunderbird by default blocks remote images and provides a link saying "Click here to always load remote images from foo@example.org". As the from address says nothing about the origin of the mail, the unblocking should be based either on the smtp server from which the message originates or on the server serving the images.

Rationale: as it is usually quite easy to guess the bulk-mailing services one is subscribed to, if the user used this option to enable images in the mails from a certain sender (e.g. ebay, twine) an attacker can simply send an email with the from-address of a (probably) subscribed service to break the user's privacy.

Reproducible: Always

Steps to Reproduce:
1. get an email containing remote images
2. click on the "always load" link
3. get an email from an attacker setting that service address as from-address
Comment 1•15 years ago
I have a variation on this idea (using TB 2.0.0.21): In order to allow the automatic loading of issues, I am directed to add a contact. The particular problem I have is that, for one newsletter to which I subscribe, part of the sender's address is always different - 'news dot <variable character string> at domain name'. How can I allow Thunderbird to match the '<variable character string>' with the wildcard character '*', or similar, so that I can say '... always load remote images from 'news dot asterisk at domain name'' - rather than have loads of contact entries for the one newsletter?
Reporter
Comment 2•15 years ago
I agree that Thunderbird should make it easy to always load the images in a newsletter. Your suggestion however is based on the sender address, which poses the problem this issue should address. In the example of the newsletter you use: if an attacker wants to find out if you subscribed to a particular newsletter, they can simply send you an email with one of the newsletter's from addresses containing a reference to an image on a server under control of the attacker. If that image gets requested from the server, this is evidence that you subscribed to this newsletter.
Updated•15 years ago
Component: General → Message Reader UI
QA Contact: general → message-reader
Updated•15 years ago
Severity: normal → enhancement
Version: unspecified → Trunk
Comment 3•13 years ago
This is actually a security issue and should probably be getting a bit more attention. The spammers are not stupid, and they already phish with common services' From addresses.
Updated•2 years ago
Severity: normal → S3
Comment 4•1 year ago
We support "on the server serving the images", so changing this to WFM
Status: UNCONFIRMED → RESOLVED
Closed: 1 year ago
Resolution: --- → WORKSFORME
Summary: always load remote images should not be based on sender's email address → always load remote images should not be based on sender's email address - use smtp server from which the message originates or on the server serving the images
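The following is an added example, not Thunderbird code, illustrating the two policies this bug contrasts: comment 2's attack (a forged From: address carrying an image hosted by the attacker) and the host-based rule that comment 4 says is now supported. The message shape (`fromAddress`, `imageUrls`), the sample addresses and hosts are all constructed for the example.

```javascript
// Added example (not Thunderbird's implementation): compare a sender-based
// "always load remote images" allowlist with one keyed on the host that
// actually serves the image, using constructed sample messages.

// Assumed minimal parsed-message shape for the example:
//   fromAddress: the From: header address (forgeable by anyone)
//   imageUrls:   remote <img src> URLs found in the HTML body
function extractImageHosts(imageUrls) {
  const hosts = new Set();
  for (const u of imageUrls) {
    try {
      const url = new URL(u);
      if (url.protocol === 'http:' || url.protocol === 'https:') {
        hosts.add(url.hostname.toLowerCase());
      }
    } catch {
      // Unparsable URL: treat as remote content we cannot vouch for.
      hosts.add('<invalid>');
    }
  }
  return hosts;
}

// Policy A: allow by sender address (the behaviour the reporter objects to).
function allowBySender(message, allowedSenders) {
  return allowedSenders.has(message.fromAddress.toLowerCase());
}

// Policy B: allow only if every remote image is hosted on an allowed server.
// A single foreign host is enough to block, because one tracking pixel
// fetched from the attacker's server already leaks the subscription.
function allowByImageHost(message, allowedHosts) {
  const hosts = extractImageHosts(message.imageUrls);
  if (hosts.size === 0) return true; // nothing remote to load
  for (const h of hosts) {
    if (!allowedHosts.has(h)) return false;
  }
  return true;
}

// Constructed samples: a genuine newsletter, a forged message that copies
// its From: address but points the image at an attacker-controlled host,
// and a mixed message that combines a legitimate image with a foreign one.
const genuine = {
  fromAddress: 'news@newsletter.example',
  imageUrls: ['https://img.newsletter.example/header.png'],
};
const forged = {
  fromAddress: 'news@newsletter.example',
  imageUrls: ['https://tracker.attacker.example/pixel.gif?id=victim'],
};
const mixed = {
  fromAddress: 'news@newsletter.example',
  imageUrls: [
    'https://img.newsletter.example/header.png',
    'https://tracker.attacker.example/pixel.gif?id=victim',
  ],
};

// Allowlists a user might have created after clicking "always load".
const allowedSenders = new Set(['news@newsletter.example']);
const allowedHosts = new Set(['img.newsletter.example']);

// Returns the decision each policy makes for each sample message.
function evaluate() {
  return {
    genuineBySender: allowBySender(genuine, allowedSenders),
    forgedBySender: allowBySender(forged, allowedSenders),
    mixedBySender: allowBySender(mixed, allowedSenders),
    genuineByHost: allowByImageHost(genuine, allowedHosts),
    forgedByHost: allowByImageHost(forged, allowedHosts),
    mixedByHost: allowByImageHost(mixed, allowedHosts),
  };
}

console.log(evaluate());
```

Under the sender policy all three messages load their images, so the forged one succeeds in making the client contact the attacker's server. Under the host policy only the genuine message loads, and the mixed message is blocked as well, since allowing it would still fetch the foreign pixel.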